As we step into 2025, the cyber security landscape has never been more complex or consequential. Check Point’s 13th Annual State of Cyber Security Report provides a detailed look at the trends, threats, and strategies shaping this rapidly evolving field. From the rise of AI-driven disinformation campaigns to the shift in ransomware tactics, this year’s findings offer critical insights for organisations striving to secure their digital futures.
Key threats and trends of 2024
- Global attacks against organisations increased significantly in the past year, to 44% higher than in 2023
- Infostealer attacks rose by 58% compared to 2023, with a focus on corporate access
Infostealers have become a dominant threat, with their ability to covertly extract sensitive data such as credentials, session tokens, and financial information. These tools have fuelled a burgeoning dark web economy, where stolen logs are sold for further exploitation. Infostealer campaigns have largely adopted a “spray-and-pray” approach, targeting personal devices to gain access to corporate resources. This trend highlights the increasing need for robust endpoint protection and employee awareness.
- Ransomware’s evolution
Ransomware remains the leading cyber security threat, but its tactics have shifted. Data exfiltration-only extortion (DXF) has gained traction as a more streamlined and stealthy alternative to traditional encryption-based attacks. High-profile cases like the attack on Change Healthcare underscore the devastating financial and operational impacts of ransomware. With healthcare now the second most targeted sector, organisations must prioritise data protection and rapid threat detection.
- AI-driven disinformation
AI has transformed disinformation campaigns, with state-sponsored actors using deepfake videos, AI-generated articles, and bots to manipulate public opinion. In 2024, AI was reportedly used in a third of global elections to sow discord and undermine trust in democratic processes. These campaigns reveal the darker side of AI’s potential and the urgent need for enhanced detection capabilities.
- Increase in multipurpose malware attacks: This figure marks a significant 25% increase compared to 2023, when only 31% of organisations faced similar attempts.
- Exploitation of supply chains and infrastructure
Attacks on supply chains and critical infrastructure surged in 2024, with groups like China’s Volt Typhoon targeting edge devices and IoT systems. These attacks highlight the vulnerabilities in hybrid networks and the importance of securing both on-premise and cloud environments.
On the positive side:
2024 marks the first time security alerts became the leading trigger for incidents, surpassing service disruptions as the primary indicator for initiating incident response.
Of the cases where the Check Point Incident and Response Team (CPIRT) was contacted this year, 35% were triggered by an alert from a security product, compared to just 20% of our cases from the previous year. This shift indicates a significant rise in the expertise of security teams and advancements in detection and prevention technologies. Organisations are becoming progressively more adept at recognising alerts from security systems and identifying breaches before they escalate to service disruptions.
By focusing on early detection through security alerts and proactive measures, organisations can respond more effectively to threats and reduce the impact of cyber incidents.
Analysing the different types of alerts that prompt security teams to initiate their incident response processes provides valuable insights into how teams should be trained and operate in these situations.
Pentesec and their Managed SOC are here to help you effectively manage and mitigate these threats.
2025 predictions and recommendations
- Strengthen AI governance
The integration of AI into cyber security strategies is inevitable, but organisations must develop comprehensive governance frameworks to mitigate risks. This includes monitoring AI applications for unauthorised use and training employees on secure practices.
- Adopt a multi-layered security approach
As cyber threats become more sophisticated, a single-layered defence is no longer sufficient. Organisations must adopt multi-layered security solutions that include advanced threat detection, endpoint protection, and vulnerability management.
- Focus on data protection
With the rise of data exfiltration-only extortion, protecting sensitive information is more critical than ever. Organisations should invest in data leak prevention (DLP) solutions and advanced monitoring systems to detect and mitigate breaches early.
- Enhance incident response by leveraging AI
Proactive incident response capabilities can significantly reduce the impact of cyberattacks. Leveraging AI to streamline alert management and prioritise threats can help security teams respond more effectively.
- Strengthen international cooperation
The global nature of cyber threats requires coordinated international efforts to disrupt criminal networks. Sharing intelligence and harmonising legal frameworks will be key to combating ransomware and other transnational cybercrimes.
Final thoughts
The cyber security landscape is constantly evolving, with new threats and challenges emerging at an unprecedented pace. The insights from Check Point’s 2025 report underscore the importance of proactive measures, collaborative efforts, and the responsible use of technology. By staying informed and adopting a forward-looking approach, organisations can build resilience and protect their critical assets in an increasingly uncertain world.
Contact Pentesec today to learn how our SOC can help you achieve your security goals and stay one step ahead in cyber defence.